There is a command injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of multiple network parameters, an authenticated attacker could use the vulnerability to execute arbitrary commands.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zte mc801a_firmware mc801a_elisa3_b19 |
||
zte mc801a1_firmware mc801a1_elisa1_b04 |